Re: [PATCH v7 3/6] mm/memfd: add MFD_NOEXEC_SEAL and MFD_EXEC

linux-security-module.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: SeongJae Park <sj@kernel.org>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: Jeff Xu <jeffxu@google.com>, SeongJae Park <sj@kernel.org>,
	skhan@linuxfoundation.org, keescook@chromium.org,
	dmitry.torokhov@gmail.com, dverkamp@chromium.org,
	hughd@google.com, jorgelo@chromium.org,
	linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org,
	linux-mm@kvack.org, jannh@google.com,
	linux-hardening@vger.kernel.org,
	linux-security-module@vger.kernel.org,
	kernel test robot <lkp@intel.com>
Subject: Re: [PATCH v7 3/6] mm/memfd: add MFD_NOEXEC_SEAL and MFD_EXEC
Date: Fri, 16 Dec 2022 19:31:53 +0000	[thread overview]
Message-ID: <20221216193153.100849-1-sj@kernel.org> (raw)
In-Reply-To: <20221216112102.8eec617257eb90fccb9ff503@linux-foundation.org>

Hi Jeff and Andrew,

On Fri, 16 Dec 2022 11:21:02 -0800 Andrew Morton <akpm@linux-foundation.org> wrote:

> On Fri, 16 Dec 2022 11:03:06 -0800 Jeff Xu <jeffxu@google.com> wrote:
> 
> > >
> > > I just posted a patch for that:
> > > https://lore.kernel.org/linux-mm/20221216183314.169707-1-sj@kernel.org/
> > >
> > > Could you please check?
> > >
> > Hi SeongJae,
> > Thanks for the patch ! I responded to the other thread.

Thank you for the quick and nice response, Jeff :)

> > 
> > Andrew,
> > >From a process point of view, should I update this patch to V9 to
> > include the fix ?
> > or add a patch directly on top in the mm-unstable branch.
> 
> A little fixup patch wouild be preferable.
> 
> But I added the below yesterday, so I think we're all good?

Good, thank you.  I should be more patient until you push it, but I was unable
to resist ;)


Thanks,
SJ

> 
> --- a/kernel/pid_sysctl.h~mm-memfd-add-mfd_noexec_seal-and-mfd_exec-fix
> +++ a/kernel/pid_sysctl.h
> @@ -52,8 +52,10 @@ static inline void register_pid_ns_sysct
>  	register_sysctl_paths(vm_path, pid_ns_ctl_table_vm);
>  }
>  #else
> +static inline void initialize_memfd_noexec_scope(struct pid_namespace *ns) {}
>  static inline void set_memfd_noexec_scope(struct pid_namespace *ns) {}
>  static inline void register_pid_ns_ctl_table_vm(void) {}
> +static inline void register_pid_ns_sysctl_table_vm(void) {}
>  #endif
>  
>  #endif /* LINUX_PID_SYSCTL_H */
> _

next prev parent reply	other threads:[~2022-12-16 19:32 UTC|newest]

Thread overview: 26+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-12-09 16:04 [PATCH v7 0/6] mm/memfd: introduce MFD_NOEXEC_SEAL and MFD_EXEC jeffxu
2022-12-09 16:04 ` [PATCH v7 1/6] mm/memfd: add F_SEAL_EXEC jeffxu
2022-12-09 16:04 ` [PATCH v7 2/6] selftests/memfd: add tests for F_SEAL_EXEC jeffxu
2022-12-14 18:52   ` Kees Cook
2022-12-09 16:04 ` [PATCH v7 3/6] mm/memfd: add MFD_NOEXEC_SEAL and MFD_EXEC jeffxu
2022-12-14 18:53   ` Kees Cook
2022-12-16 18:39   ` SeongJae Park
2022-12-16 19:03     ` Jeff Xu
2022-12-16 19:21       ` Andrew Morton
2022-12-16 19:31         ` SeongJae Park [this message]
2022-12-09 16:04 ` [PATCH v7 4/6] mm/memfd: Add write seals when apply SEAL_EXEC to executable memfd jeffxu
2022-12-09 16:04 ` [PATCH v7 5/6] selftests/memfd: add tests for MFD_NOEXEC_SEAL MFD_EXEC jeffxu
2022-12-09 16:04 ` [PATCH v7 6/6] mm/memfd: security hook for memfd_create jeffxu
2022-12-09 17:02   ` Casey Schaufler
2022-12-09 18:29   ` Paul Moore
2022-12-13 15:00     ` Jeff Xu
2022-12-13 15:37       ` Casey Schaufler
2022-12-13 19:22       ` Paul Moore
2022-12-13 23:05         ` Jeff Xu
2025-09-20  5:54         ` Abhinav Saxena
2025-09-20 18:58           ` Jeff Xu
2022-12-09 18:15 ` [PATCH v7 0/6] mm/memfd: introduce MFD_NOEXEC_SEAL and MFD_EXEC Paul Moore
2022-12-14 18:54 ` Kees Cook
2022-12-14 23:32   ` Jeff Xu
2022-12-15  0:08     ` Kees Cook
2022-12-15 16:55       ` Jeff Xu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20221216193153.100849-1-sj@kernel.org \
    --to=sj@kernel.org \
    --cc=akpm@linux-foundation.org \
    --cc=dmitry.torokhov@gmail.com \
    --cc=dverkamp@chromium.org \
    --cc=hughd@google.com \
    --cc=jannh@google.com \
    --cc=jeffxu@google.com \
    --cc=jorgelo@chromium.org \
    --cc=keescook@chromium.org \
    --cc=linux-hardening@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-kselftest@vger.kernel.org \
    --cc=linux-mm@kvack.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=lkp@intel.com \
    --cc=skhan@linuxfoundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).